The Itsoknoproblembro War

The United States and Iran are at war. They have been for three years.

It is not an open gun-toting, shooting war. No boots-on-the-ground are going toe-to-toe firing high powered assault rifles at each other. There are no rocket’s red glare.

It is a silent war. It is the world’s first military cyber-conflict. That war has just heated up a notch. The newest tactic is the Itsoknoproblembro Blitzkrieg.

It’s us against them until the last man is standing.

The Undeclared Cyberwar

Ahmadinejad Inspects Centrifuges

Open war started in early 2010 when Israel and the United States attacked five Iranian nuclear weapons plants with the Stuxnet Worm.

Stuxnet, a highly specialized weapon, was designed for a singular purpose; destroy thousands of uranium enrichment centrifuges.

No shock-and-awe was shown live on CNN, but it worked to perfection.

Stuxnet reprogrammed the centrifuges to kill by hideously spinning themselves to death.

It had the intrigue of a James Bond movie. A spy (or spies) infiltrated super secret Iranian nuclear weapons plants. Instead of a Barreta, the weapon of choice was probably a thumb drive. The cyber-attack was carried out within a closed network unconnected to the Internet.

It would have remain undiscovered except an infected computer was taken off-site from the Natanz weapons plant and connected to the Internet where the virus spread and was quickly detected by Internet security firms in mid-June 2010.

On December 4, 2011 Iran struck back.

Iran outfoxed the CIA by commandeering an RQ-170 Sentinel spy drone in flight over Iranian airspace and landed it safely in Iran. A couple days later it was displayed for all the world to see.

The RQ-170 is the most sophisticated drone in the U.S. arsenal.

They did it by jamming communications with its CIA spymasters to snap it into autopilot, and then hacked its GPS landing coordinates. That let the bird do all the work to get captured.

The Itsoknoproblembro Blitzkrieg

Cash-strapped, economic-sanctioned Iran has apparently stepped up its game.

Recently, there have been a series of major hacker attacks on banks. The two-fold purpose:

Encrypted DDoS attacks

Steal Money

According to experts, these sophisticated attacks are new and different; beyond the capability of your common, garden-variety, amateur hacker groups. It must be state sponsored. Ask, and in unison they all say Iran is behind it.

No hard evidence has yet been publicly released to prove it. The virus: itsoknoproblembro.

What is different is that instead of relying on exploiting individual computers, the attackers have engineered “cloud” based computer network servers in data centers to do their dirty work. Its like turning a kitten into a fire breathing dragon. It’s very nasty! They make Russia’s cyber-attacks against Estonia in 2007 seem like a friendly wave.

There has never been this many financial institutions under attack at one time. Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank, BB&T and HSBC have all been hit.

Not only that, but the attackers have added another nasty DDoS nuance… encryption. DDoS stands for Dedicated Denial-of-Service. That hack-attack technique has been a around for a long time. What hasn’t is encryption.

By making encrypted requests of attacked financial institutions it puts a further drain on attacked servers. It makes them easier to take down. That has never been done before.

So far, no money has been reported stolen.

Conclusions

The United States and Iran are at war. You won’t hear casualty figures on the nightly news, but it is war.

In the new wave of super cyber-attacks the fact the attackers appear to be going after money is a finger pointing to nation sponsored hacking. There are few countries more desperate for cash than Iran.

Itsoknoproblembro raises the stakes to a whole new level of international cyber-terrorism. Nations beware.

Even if the risk is small, but there is a cyber war going on, does that not mean you should hold your stock certificates money etc in hard form, not digital? I worry about this a bit actually. A widow I know had it much easier actually having the actual stock certificate than the electronic account when it came to transferring matters from her now deceased husband.